Lavabit and End-point Security

coderman coderman at gmail.com
Mon Aug 12 14:50:26 PDT 2013


On Sun, Aug 11, 2013 at 1:28 PM, coderman <coderman at gmail.com> wrote:
> ... and then a baseband exploit easily walks under all of my
> protections at every layer, completely and fully 0wning my devices,

"I'm sorry. My responses are limited. You must ask the right questions."


weaponized baseband exploits are difficult, expensive, architecture
specific, and not used capriciously.

this, among other reasons, is why there is such a dearth of
information on them despite being proven exploitable with a wide
attack surface for many years.


related:

"""
Rupp said state-sponsored attackers are already using baseband
processor attacks in airports but declined to go into details beyond
saying that attacks could be carried out without the need to trick
smartphone owners into opening an email or visiting a malicious
website. Attacks might involve building a rogue GSM base-station from
commodity hardware or run from the infrastructure of a 'co-operative'
telco. It might also be possible to run attacks against baseband
processors of phones using Wi-Fi or Bluetooth interfaces, according to
GSMK Cryptophone.

"Once you have control over the app CPU, you can in principle use that
to load any code you want from the network," Rupp explained. "Since
you have already successfully escalated your privileges on the system,
no user interaction is necessary."
"""
http://www.theregister.co.uk/Print/2013/03/07/baseband_processor_mobile_hack_threat/


"Baseband Attacks: Remote Exploitation of Memory Corruptions in
Cellular Protocol Stacks"
https://www.usenix.org/system/files/conference/woot12/woot12-final24.pdf


"Anatomy of contemporary GSM cellphone hardware"
https://gnumonks.org/trunk/presentation/2010/gsm_phone-anatomy/gsm_phone-anatomy-v0.4.pdf


"Cellular baseband security"
https://smartech.gatech.edu/handle/1853/43766


"Run-time firmware integrity verification: what if you can't trust
your network card"
http://cansecwest.com/csw11/Duflot-Perez_runtime-firmware-integrity-verification.pdf


